Auto-merge PR#4099

2025-08-04 08:44:25 +00:00 · 2020-06-17 22:26:49 -04:00 · 2020-06-17 22:26:49 -04:00 · 4be2b400b2
commit 4be2b400b2
parent 36c24f4c1d 6081dc94a3
1 changed files with 80 additions and 7 deletions
--- a/2020/3xxx/CVE-2020-3268.json
+++ b/2020/3xxx/CVE-2020-3268.json
@ -1,18 +1,91 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
+        "ASSIGNER": "psirt@cisco.com",
+        "DATE_PUBLIC": "2020-06-17T16:00:00",
        "ID": "CVE-2020-3268",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC",
+        "TITLE": "Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Cisco RV130W Wireless-N Multifunction VPN Router Firmware ",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "Cisco"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": " Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details section of this advisory. "
            }
        ]
+    },
+    "exploit": [
+        {
+            "lang": "eng",
+            "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory. "
+        }
+    ],
+    "impact": {
+        "cvss": {
+            "baseScore": "7.2",
+            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ",
+            "version": "3.0"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-119"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "name": "20200617 Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities",
+                "refsource": "CISCO",
+                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-injection-tWC7krKQ"
+            }
+        ]
+    },
+    "source": {
+        "advisory": "cisco-sa-rv-routers-injection-tWC7krKQ",
+        "defect": [
+            [
+                "CSCvt28203",
+                "CSCvt28218",
+                "CSCvt28223",
+                "CSCvt28229",
+                "CSCvt28233",
+                "CSCvt28237"
+            ]
+        ],
+        "discovery": "INTERNAL"
    }
-}
+}